package com.dxk.config;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;


//AOP 切入  链式编程
@EnableWebSecurity
public class securityConfig extends WebSecurityConfigurerAdapter {

    //认证
    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests().antMatchers("/").permitAll()
                .antMatchers("/leve1/**").hasRole("VIP1")
                .antMatchers("/leve2/**").hasRole("VIP2")
                .antMatchers("/leve3/**").hasRole("VIP3");

        //注销
        http.logout().logoutSuccessUrl("/");
        //记住我
        //关闭 csif
        http.csrf().disable();
        http.rememberMe().rememberMeParameter("remember");
        //设置登入主页  ，接收前端传来的表单 name的名字   loginProcessingUrl为实际接收的表单的URL
         http.formLogin().loginPage("/index").passwordParameter("pwd").usernameParameter("user").loginProcessingUrl("/login");
    }
    //授权
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
       auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
      .withUser("dxk").password(new BCryptPasswordEncoder().encode("123456")).roles("VIP1","VIP2")
       .and().withUser("root").password(new BCryptPasswordEncoder().encode("123456")).roles("VIP3","VIP2")
       ;
    }
}
